LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-opened-frame.html - Issue 494343003: Eliminate globalFlag usage from http security layout tests.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-opened-frame.html

Issue 494343003: Eliminate globalFlag usage from http security layout tests. (Closed) Base URL: svn://svn.chromium.org/blink/trunk

Patch Set: consistify Created 6 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessee-opened-frame.html ('k') | LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame-2-level.html » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 <html>	1 <html>

2 <body>	2 <body>

3 <p>Frame on a foreign domain (opened using window.open).</p>	3 <p>Frame on a foreign domain (opened using window.open).</p>

4 <iframe name='aFrame' id="aFrame"></iframe>	4 <iframe name='aFrame' id="aFrame"></iframe>

5 <script>	5 <script>

6 var url = "javascript:\"<html>"	6 var url = "javascript:\"<html>"

7 + "<head>"	7 + "<head>"

8 + "<scr" + "ipt>"	8 + "<scr" + "ipt>"

9 + "window.onload = function()"	9 + "window.onload = function()"

10 + "{"	10 + "{"

11 + "try {"	11 + "try {"

12 + "parent.opener.document.getElementById('accessMe') .innerHTML = 'FAIL: Cross frame access from a javascript: URL on a different dom ain was allowed';"	12 + "parent.opener.document.getElementById('accessMe') .innerHTML = 'FAIL: Cross frame access from a javascript: URL on a different dom ain was allowed';"

13 + "} catch(e) {"	13 + "} catch(e) {"

14 + "}"	14 + "}"

15 + "if (window.testRunner)"	15 + "parent.opener.postMessage('done', '*');"

16 + "testRunner.globalFlag = true;"

17 + "}"	16 + "}"

18 + "</scr" + "ipt>"	17 + "</scr" + "ipt>"

19 + "</head>"	18 + "</head>"

20 + "<body>"	19 + "<body>"

21 + "<p>Inner-inner iframe. This iframe (which is javascript: URL and whose parent is on a foreign domain) is the frame attempting to access"	20 + "<p>Inner-inner iframe. This iframe (which is javascript: URL and whose parent is on a foreign domain) is the frame attempting to access"

22 + " the main frame. It should not have access to it.</p>"	21 + " the main frame. It should not have access to it.</p>"

23 + "</body>"	22 + "</body>"

24 + "</html>\"";	23 + "</html>\"";

25	24

26 var frame = document.getElementById('aFrame');	25 var frame = document.getElementById('aFrame');

27 frame.src = url;	26 frame.src = url;

28 </script>	27 </script>

29 </body>	28 </body>

30 </html>	29 </html>

OLD	NEW